Jump to content
Not connected, Your IP: 3.149.249.107
AirVPN
CybertronPCNet

VPNception; VPN Chaining and VM?

By CybertronPCNet, ... in General & Suggestions

Recommended Posts

CybertronPCNet    0

CybertronPCNet
Posted ...

So I know this maybe over the top and a wee bit silly but what if you chained 2 VPNs together through virtualization (VPN 1 on host machine and VPN 2 on a virtual machine) but instead of running 1 virtual machine you installed a virtual machine inside of a virtual machine and installed VPN 2 inside that virtual machine thats installed inside the virtual machine then create another virtual machine seperate from the others and install pfsense and configure it and route the traffic through VM 2 (virtual machine inside the virtual machine) to VM 1 then back through the host? And of cousre run TOR too............ VPNception?

Share this post

Link to post

zhang888    1066

zhang888
Posted ...

So I know this maybe over the top and a wee bit silly but what if you chained 2 VPNs together through virtualization (VPN 1 on host machine and VPN 2 on a virtual machine) but instead of running 1 virtual machine you installed a virtual machine inside of a virtual machine and installed VPN 2 inside that virtual machine thats installed inside the virtual machine then create another virtual machine seperate from the others and install pfsense and configure it and route the traffic through VM 2 (virtual machine inside the virtual machine) to VM 1 then back through the host? And of cousre run TOR too............ VPNception?

 

This concept already exists, and partially can be implemented by Whonix and/or Qubes images.

Running a virtual machine inside an existing one will cause OpenVPN inside the second one to be very slow, and you will lose capabilities like AES-NI and

other improvements, since your host of for the second machine (which is actually a guest of the workstation) will not expose those cpu flags.

 

Besides, two VPNs and Tor is already a huge performance hit, and doubtfully necessery at all, you can do Tor over VPN or VPN with Tor, and there is a guide

for this in the wiki section, depending on the case. Some members also posted their own setups.

 

The general idea is that you will not achieve any meaningful layer of privacy/security just by randomly chaining more and more VPNs.

A more practical approach might be learning about the various privacy technologies that exist today, and applying them for each and

every task you encounter. For example, if you want to download some confidential documents, it's probably wise to do it in a virtual

machine with Tor over VPN. If you are just into some P2P, a single VPN from a transparent provider like Air will be usually enough.

If you are in a place where using VPN might be technically impossible or put you in a physical danger, you can use Tor to connect to VPN.

 

P.S. your idea reminded me of this

 

4co7L5e.jpg

rickjames reacted to this

Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post

Link to post

iwih2gk    95

iwih2gk
Posted ...

So I know this maybe over the top and a wee bit silly but what if you chained 2 VPNs together through virtualization (VPN 1 on host machine and VPN 2 on a virtual machine) but instead of running 1 virtual machine you installed a virtual machine inside of a virtual machine and installed VPN 2 inside that virtual machine thats installed inside the virtual machine then create another virtual machine seperate from the others and install pfsense and configure it and route the traffic through VM 2 (virtual machine inside the virtual machine) to VM 1 then back through the host? And of cousre run TOR too............ VPNception?

 

 

 

I am already running something even better and making the post right now with it.  A virtual machine inside another virtual machine is OK but it would be more secure to chain machines using PFsense.  If you want to place the vpn1 connection on your host you could easily do that.  Then you create another VM with pfsense for vpn2.  Pfsense VM's are pretty small.  vpn2 would be chained/linked to vpn1.  Then you create a workspace VM that would connect to vpn2 ---- ONLY!

 

Compartmentalization is security.  Your online workspace VM can only connect thru vpn2, which can only connect thru vpn1, which should be firewalled and be limited to the vpn1 tunnel.  No escapes and no other way in or out.  On top of that on the Workspace VM desktop you can use the TBB (TOR browser bundle).  In this config you would be using 5 hops and the circuit changes automatically every ten minutes.  Nice, safe, not too tough to setup.  My .02

Share this post

Link to post

flat4    82

flat4
Posted ...

 

So I know this maybe over the top and a wee bit silly but what if you chained 2 VPNs together through virtualization (VPN 1 on host machine and VPN 2 on a virtual machine) but instead of running 1 virtual machine you installed a virtual machine inside of a virtual machine and installed VPN 2 inside that virtual machine thats installed inside the virtual machine then create another virtual machine seperate from the others and install pfsense and configure it and route the traffic through VM 2 (virtual machine inside the virtual machine) to VM 1 then back through the host? And of cousre run TOR too............ VPNception?

 

This concept already exists, and partially can be implemented by Whonix and/or Qubes images.

Running a virtual machine inside an existing one will cause OpenVPN inside the second one to be very slow, and you will lose capabilities like AES-NI and

other improvements, since your host of for the second machine (which is actually a guest of the workstation) will not expose those cpu flags.

 

Besides, two VPNs and Tor is already a huge performance hit, and doubtfully necessery at all, you can do Tor over VPN or VPN with Tor, and there is a guide

for this in the wiki section, depending on the case. Some members also posted their own setups.

 

The general idea is that you will not achieve any meaningful layer of privacy/security just by randomly chaining more and more VPNs.

A more practical approach might be learning about the various privacy technologies that exist today, and applying them for each and

every task you encounter. For example, if you want to download some confidential documents, it's probably wise to do it in a virtual

machine with Tor over VPN. If you are just into some P2P, a single VPN from a transparent provider like Air will be usually enough.

If you are in a place where using VPN might be technically impossible or put you in a physical danger, you can use Tor to connect to VPN.

 

P.S. your idea reminded me of this

 

4co7L5e.jpg

 

ha ha

 

This made my morning and it was funny.

rickjames reacted to this

pFsense it works

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Go To Topic Listing
×
×
  • Create New...